1. Data privacy and security in the world of large language models
Deepak Kumar
AI Principal Technologist - Windriver
https://www.linkedin.com/in/dpkumar/
2. Agenda
● Cybersecurity challenges
● Data breaches/leaks in the recent past
● Data privacy with ChatGPT's policy to retain data
● Brainstorming
6. Issues
● AI-Generated Phishing Scams
○ Threat actors can use ChatGPT to create sophisticated and realistic phishing emails.
○ A similarly dangerous tactic is the use of AI to create disinformation and conspiracy campaigns.
● Duping ChatGPT into Writing Malicious Code
○ The chatbot can be prompted to generate malicious code.
Reference: https://hbr.org/2023/04/the-new-risks-chatgpt-poses-to-cybersecurity
7. Issues
● Increase in attack surface due to ChatGPT's privacy policy
○ It may collect personal information from your messages and any files you upload.
● Social engineering-based attacks
○ Meta said it had “investigated and taken action against malware strains taking advantage of people’s interest in OpenAI’s ChatGPT to trick them into installing malware pretending to provide AI functionality.”
Reference: https://edition.cnn.com/2023/05/03/tech/chatgpt-hackers-meta/index.html
16. Privacy problems
● ChatGPT’s privacy policy issues
○ It collects personal information from your messages, including documents you upload to ChatGPT.
○ Your conversations may be reviewed by its AI trainers to improve the chat and train the system further.
● Not complying with PII policies such as GDPR
18. OpenAI Handling
● Bug bounty of up to $20,000 to anyone who discovers unreported vulnerabilities.
References:
https://venturebeat.com/security/privateais-privategpt-aims-to-combat-chatgpt-privacy-concerns/
https://www.businesstoday.in/technology/news/story/samsung-employees-accidentally-leaked-company-secrets-via-chatgpt-heres-what-happened-376375-2023-04-06
https://cybernews.com/news/chatgpt-samsung-data-leak/